We’re excited to announce the public preview of smart card redirection support for YubiKeys is now available in Windows App on iOS version 11.0.4.

Microsoft and Yubico have partnered to deliver an improved experience for YubiKey and Windows App users. Now customers using Windows App can connect their YubiKey to their Apple iPhone or iPad and use it within the virtual Windows session to stay secure and productive. The Yubico integration supports the latest YubiKey 5 portfolio.

Screen capture with a pop-up of a smart card sign in.

For more details, visit Redirect local devices, audio, and folders in Windows App. 

Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

​Microsoft Tech Community – Latest Blogs –Read More 

Hi all,

Is there a way to conditionally hide an item in a custom view (gallery) based on the value of a Yes/No column? See screenshot below for my attempt using CSS ‘display’, but I find that it still leaves an empty slot in the list.

Any suggestions?

Thank you! 

​Hi all, Is there a way to conditionally hide an item in a custom view (gallery) based on the value of a Yes/No column? See screenshot below for my attempt using CSS ‘display’, but I find that it still leaves an empty slot in the list. Any suggestions? Thank you!    Read More

​

Hi good people,

I was trying to use a PC that had been setting around for a couple of years. My coworker did not remember the password and we decided to just reset the PC and delete everything on it. However, after I had done so I end up back on the sign in screen, for an account that is not an admin, and when I sign in using the pin I get “The user profile service service failed to sign-in. User profile cannot be loaded.”. I was hoping that after the reset (cleaning all drives), I would end up with a clean PC as if I just bought it. 

Any help is appreciated as I am lost.

Thanks in advance.

​Hi good people, I was trying to use a PC that had been setting around for a couple of years. My coworker did not remember the password and we decided to just reset the PC and delete everything on it. However, after I had done so I end up back on the sign in screen, for an account that is not an admin, and when I sign in using the pin I get “The user profile service service failed to sign-in. User profile cannot be loaded.”. I was hoping that after the reset (cleaning all drives), I would end up with a clean PC as if I just bought it.  Any help is appreciated as I am lost.Thanks in advance.  Read More

​

Digital signage in Microsoft Teams Rooms expands communications into your meeting spaces, enhancing employee engagement and connection. When your Teams Rooms devices are not used for meetings nor presentations, you can set them up to run in signage mode, where the front-of-room displays show dynamic content and relevant information in rotation. You can showcase company news, organization updates, upcoming events, internal campaigns, and more, enabling IT, Communications, HR, and Facilities to share messages directly with employees in between meetings and maximizing your existing Teams Rooms hardware investments.

Teams Rooms display as digital signage when idle.

Customize signage mode to fit your organization’s needs and preferences

Signage mode fills the front-of-room display with content while keeping the room information and calendar preview visible in the Teams Rooms banner, so users remain aware of the room context while viewing signage content. If you prefer to have signage content occupy the entire front-of-room display without any room information overlayed, you can hide the Teams Rooms banner. A simple tap on the touch console in signage mode seamlessly returns the device to the Teams Rooms home screen.

Digital signage on the front of room display and a close-up on a touch console display. When you tap, the room display reverts to the Teams Rooms home screen.

To give you full control and flexibility, signage mode activates and deactivates based on the timers you set. You can set the number of minutes the device has been idle for before signage mode is activated, as well as how many minutes before a meeting is scheduled to start before signage mode is deactivated. To ensure users who arrive early in the room before a meeting starts and those who linger in the room after a meeting ends can see signage content, you can set the activation and deactivation timers to the lowest possible values.

In addition to being able to specify the signage mode activation and deactivation timers, you can also set whether signage mode adheres to the operating system’s screen timeout settings. To avoid screen burn and comply with sustainability mandates, you can keep the default behavior of signage mode which adheres to the screen timeout settings for most of your devices. However, if you have devices that are placed in rooms with glass walls or common open areas with high foot traffic, you have the option to have signage mode ignore the screen timeout settings for these devices to ensure maximum visibility of signage content.

Seamlessly integrate with supported digital signage providers

We are excited to partner with Appspace and XOGO to bring their digital signage solutions to Teams Rooms to help you easily create, deploy, and manage content for digital signage. Appspace and XOGO are trusted third-party options built into the Teams Rooms Pro Management portal for you to enable as a signage source.

Our native integrations with Appspace and XOGO support the automatic registration of Teams Rooms devices into their content management systems, streamlining device onboarding and management. As part of the integration, Appspace and XOGO will receive the names of the rooms that are registered in their system so you can properly identify your Teams Rooms devices within Appspace and XOGO. Once your rooms are registered into Appspace or XOGO, you can update and manage the signage content in your rooms directly from their respective content management systems.

For customers who are not using any of the supported digital signage providers, you may add custom web URLs as a signage source.

Admin controls for digital signage in the Pro Management portal.

Remotely manage digital signage settings at scale with flexible management permissions

You can conveniently configure tenant-wide and room-specific digital signage settings directly from the Teams Rooms Pro Management portal. Setting up digital signage for your organization is straightforward: just enable the digital signage feature at the tenant-level, add a signage source, and assign the signage source and settings to your rooms.

To activate integrations with one of our supported digital signage providers, simply select your provider of choice from the signage source options and enter a valid integration ID from Appspace or XOGO. You can access the Appspace Teams Rooms setup guide here, and the XOGO Teams Rooms setup guide here.  If you want to enable a web URL as a signage source, select the custom option and enter a valid web URL. Make sure that your web URL meets our requirements to ensure it loads successfully.

Assigning signage source and settings to your rooms is built with scale in mind. You can assign signage source and settings to multiple rooms and/or room groups at once, simplifying your digital signage management workflow.

We understand that digital signage administration may not look the same for each organization. Some customers may want to centrally manage digital signage, while others may want to assign digital signage management to local admins. By default, the Teams Rooms Pro Manager and the M365 Global Admin roles have rights to manage digital signage management for the tenant. However, you can grant digital signage tenant management and/or digital signage room management permissions from the Teams Rooms Pro Management portal to additional users using the role-based access control per your desired governance model.

Digital signage is currently available for Teams Rooms on Windows, Teams Rooms Pro license, and commercial cloud customers. Integrations with third-party digital signage providers require a separate subscription with the provider. Contact Appspace and XOGO directly for quotes. Support for Government Community Cloud, Government Community Cloud High, Department of Defense, and Teams Rooms on Android will be added in the future.

​Microsoft Tech Community – Latest Blogs –Read More 

In this blog, we will focus on a common solution that demonstrates how to securely connect to an Azure SQL Database using Microsoft Entra Authentication with the current logged in user. It leverages the SQLAlchemy library for Python, integrating Entra’s secure identity framework with your database connection.

Key Steps:

Set Current User as Admin: You begin by configuring an Azure Entra account as the admin for the Azure SQL Server.
Configure Firewall Rules: Ensure that your machine or application has access by adding its IP address to the Azure SQL Server firewall.
Create Secure Connection: Finally, the Python SQLAlchemy library is used to connect to the database, relying on Microsoft Entra authentication instead of hard-coded credentials.

With this setup, we achieve a secure, credential-less connection to Azure SQL Database!

Comparing Azure SQL Authentication Methods

Before diving into the solution, let’s compare authentication methods. When it comes to securing access to your Azure SQL Database, the method you choose for authentication can significantly impact both the security and manageability of your applications. There are two primary methods commonly used: SQL Authentication, which relies on username and password credentials, and Microsoft Entra Managed Identity, which utilizes Microsoft Entra ID (formally Azure AD) for identity and access management.

SQL Authentication Drawbacks

SQL Authentication, while straightforward, comes with inherent security risks and management burdens. One of the main concerns is the reliance on hard-coded or stored credentials, often passed through connection strings in application code or configuration files. Additionally, using the stored static credentials allows continued access until explicitly revoked, enlarging your database’s attack surface. For example, when using SQL Authentication, developers might include connection credentials like this:

connection_string = “Driver={SQL Server};Server=tcp:yourserver.database.windows.net,1433;Database=yourdb;Uid=yourusername;Pwd=yourpassword;”

In this example, embedding the username and password in the application introduces several vulnerabilities:

Credential Exposure: If the codebase is shared, leaked, or compromised, database credentials can be exposed.
Secret Management: You need solutions like Azure Key Vault to securely store and rotate credentials, adding complexity.
Credential Rotations: SQL credentials require manual or automated rotation, increasing operational overhead.

Improved Security with Microsoft Entra authentication

Microsoft Entra authentication (formerly known as Azure AD) offers a more secure and manageable way to authenticate applications and users to Azure SQL Database. Instead of relying on stored credentials, Microsoft Entra uses tokens generated dynamically and securely by Azure’s identity management system, eliminating the need for static credentials in your applications or configuration files.

Key Security Advantages:

Credential-less Access: No need to store or transmit sensitive credentials (username and password) in code or configuration files.
Time-Limited Access: Entra-generated tokens have limited lifetimes, reducing the risk of misuse or unauthorized access over extended periods.
Centralized Management: Entra integrates seamlessly with other Azure services, providing centralized identity and access control across your applications.
Role-Based Access Control (RBAC): By using Entra authentication, access can be more finely tuned using RBAC, meaning users only get the permissions they need to perform their tasks.

In contrast to SQL Authentication, which requires manually revoking credentials, Microsoft Entra authentication ensures that when access to an account is revoked, it immediately affects all Azure services, preventing further unauthorized access. This vastly reduces the risk of security breaches due to stale credentials lingering in code repositories or configuration files.

Pre-requisites

An Azure subscription.
An Azure SQL database configured with Microsoft Entra authentication. You can create one using the Create database quickstart.
The latest version of the Azure CLI.
Visual Studio Code with the Python extension.
Python 3.8 or later.
ODBC Driver for SQL Server

Configure the Database

Setting Current User as Azure SQL DB Admin

First, you need to set your current Azure AD user as the Azure SQL Admin for your database. Follow the steps below:

Navigate to Your Azure SQL Server:

Log in to the Azure Portal.
Search for and select your Azure SQL Server (not the individual database).

Set Azure AD Admin:

In the left-hand menu, under Settings, click on Microsoft Entra ID.
Select Support Only Microsoft Entra authentication for this server to ensures no one can access the database server using SQL login credentials.
Click on Set admin.

In the Add admin pane, search for your user account.
Select your account and click Select.
This will set your user as a database admin and allow it to login using Microsoft Entra authentication.

Click on Save.

Adding Your IP Address to the Azure SQL Server Firewall

To ensure your connection to Azure SQL Database is secure and allowed, you will need to add your IP address to the server’s firewall rules. This step prevents unauthorized IPs from accessing your server while allowing your trusted IP to connect. Follow these steps:

Navigate to Your Azure SQL Server:

Log in to the Azure Portal.
Search for and select your Azure SQL Server.

Configure Firewall Settings:

In the left-hand menu under Security, select Networking.
In the Public network access section, enable Selected networks to allow the firewall rule in order to whitelist your IP address.
Under the Firewall rules section, click on Add your client IPv4 address. This will automatically detect your current IP address and add it to the list of allowed addresses.
Click on Allow Azure services and resources to access this server. This will allow your web app running on Azure to access the database.
Click on Save.

At this point, we have set up an Azure AD user as the admin for the Azure SQL Server, enforcing Entra ID (formerly Azure AD) authentication and eliminating the need for SQL login credentials. This reduces the risk of credential exposure while streamlining identity management. We also added your IP to the Azure SQL Server firewall whitelist, ensuring only authorized IP addresses can connect, minimizing exposure to external threats.

With these security measures in place, we are ready to securely connect and interact with the Azure SQL Database using Python, leveraging Microsoft for seamless, credential-free authentication.

Set up the project

Now that the database setup is complete, we are ready to implement and use the code that will interact with the database. We will be using SQLAlchemy, which provides many database capabilities for python developers, like ORM capabilities and connection pooling.

1. Open Visual Studio Code and create a new folder for your project and change directory into it.

mkdir python-sql-azure
cd python-sql-azure

2. Create a requirements.txt file with the following content:

pyodbc
fastapi
uvicorn[standard]
pydantic
azure-identity
sqlalchemy

3. Create a start.sh file (this is only needed if you plan to deploy this project to azure)

gunicorn -w 4 -k uvicorn.workers.UvicornWorker app:app

4. Create an app.py file with the content below:

import struct
import urllib
from typing import Union, Optional
from fastapi import FastAPI, HTTPException
from pydantic import BaseModel
import sqlalchemy as db
from sqlalchemy import String, select, event
from sqlalchemy.orm import Session, Mapped, mapped_column
from sqlalchemy.ext.declarative import declarative_base
from azure.identity import DefaultAzureCredential

driver_name = ‘{ODBC Driver 18 for SQL Server}’
server_name = ‘<server_name>’
database_name = ‘<database_name>’

connection_string = ‘Driver={};Server=tcp:{}.database.windows.net,1433;Database={};Encrypt=yes;TrustServerCertificate=no;Connection Timeout=30’.format(driver_name, server_name, database_name)

Base = declarative_base()
credential = DefaultAzureCredential()

class UserSchema(BaseModel):
first_name: str
last_name: Union[str, None] = None

class User(Base):
__tablename__ = “user”

id: Mapped[int] = mapped_column(primary_key=True)
first_name: Mapped[str] = mapped_column(String(30))
last_name: Mapped[Optional[str]]

def __repr__(self) -> str:
return f”User(id={self.id!r}, first_name={self.first_name!r}, last_name={self.last_name!r})”

def get_engine():
params = urllib.parse.quote(connection_string)
url = “mssql+pyodbc:///?odbc_connect={0}”.format(params)
return db.create_engine(url, pool_size=1, max_overflow=0)

engine = get_engine()

# from https://docs.sqlalchemy.org/en/20/core/engines.html#generating-dynamic-authentication-tokens
@event.listens_for(engine, “do_connect”)
def provide_token(dialect, conn_rec, cargs, cparams):
“””
Called before the engine creates a new connection. Injects an EntraID token into the connection parameters.
“””
print(‘creating new token’)

token_bytes = credential.get_token(“https://database.windows.net/.default”).token.encode(“UTF-16-LE”)
token_struct = struct.pack(f'<I{len(token_bytes)}s’, len(token_bytes), token_bytes)
SQL_COPT_SS_ACCESS_TOKEN = 1256 # This connection option is defined by microsoft in msodbcsql.h

cparams[“attrs_before”] = {SQL_COPT_SS_ACCESS_TOKEN: token_struct}

# set up the database
Base.metadata.create_all(engine)

app = FastAPI()

@app.get(“/all”)
def get_users():
with Session(engine) as session:
stmt = select(User)

rows = []
for user in session.scalars(stmt):
print(user.id, user.first_name, user.last_name)
rows.append(f”{user.id}, {user.first_name}, {user.last_name}”)

return rows

@app.get(“/user/{user_id}”)
def get_user(user_id: int):
with Session(engine) as session:
stmt = select(User).where(User.id == user_id)
user = session.execute(stmt).scalar()

if not user:
raise HTTPException(status_code=404, detail=”User not found”)

return f”{user.id}, {user.first_name}, {user.last_name}”

@app.post(“/user”)
def create_user(item: UserSchema):
with Session(engine) as session:
user = User(first_name=item.first_name, last_name=item.last_name)
session.add(user)
session.commit()

return item

Notes:

make sure to update the server_name and database_name variables in the code above with the names you used to create both the SQL server and the database
The provide_token method will be called every time a database connection is created by the engine. It’s responsible for injecting the EntraID token so it can successfully authenticate to the database. This is necessary in order to always have a fresh token when creating a connection, otherwise if we had a static token that was already expired, it would never be able to connect again to the database.

Running Locally

1. Create a virtual environment for the app

py -m venv .venv
.venvscriptsactivate

2. Install requirements

pip install -r requirements.txt

3. Run the app.py file in Visual Studio Code.

uvicorn app:app –reload

4. Open the Swagger UI at http://127.0.0.1:8000/docs

5. Create a new user using the Create User endpoint

6. Try Get User and Get Users endpoints

Running on Azure

1. Use the az webapp up to deploy the code to App Service. 

az webapp up –resource-group <resource-group-name> –name <web-app-name>

2. Use the az webapp config set command to configure App Service to use the start.sh file.

az webapp config set –resource-group <resource-group-name> –name <web-app-name> –startup-file start.sh

3. Use the az webapp identity assign command to enable a system-assigned managed identity for the App Service. This is needed because we will grant database access to this identity, with specific roles.

az webapp identity assign –resource-group <resource-group-name> –name <web-app-name>

4. Grant permissions to the web app identity by running the SQL commands below on your database. The first commanda creates a database user for the web app and the following ones sets data reader/writer roles (you can find more details about roles at Database-level roles – SQL Server | Microsoft Learn). By doing this we guarantee that the web app has the least privilege.

CREATE USER [<web-app-name>] FROM EXTERNAL PROVIDER
ALTER ROLE db_datareader ADD MEMBER [<web-app-name>]
ALTER ROLE db_datawriter ADD MEMBER [<web-app-name>]

5. Open the Swagger UI at https://<web-app-name>.azurewebsites.net/docs and test the endpoints again

References

Connect to and query Azure SQL Database using Python and the pyodbc library – Azure SQL Database | Microsoft Learn

​Microsoft Tech Community – Latest Blogs –Read More 

Hello, 

I have someone that has been having issues with their outlook account. Originally the issue persisted in the Classic Outlook. They would search for an old e-mail sent from a specific user, and they would be prompted by an error message saying “it looks like there’s a problem with your network connection – let’s check on your computer instead”. Which feels to me that it struggled to search the 365 exchange server first which prompted the error message – however, the email was able to be found as it is stored locally. 

I re-installed outlook. I rebuilt the search index. I added a DWORD key in the registry ‘DisableServerAssistedSearch’ within ‘HKEY_CURRENT_USERSoftwareMicrosoftOffice16.0OutlookSearchDisableServerAssistedSearch’ and set value to 1. 

This prevented the error message from cropping up whenever the email was searched for. 

However, now when the same search is attempted on the new version of the outlook – it doesn’t do anything other then display an error message simply saying “Your request can’t be completed right now”. 

Is there a fix for this? It’s quite annoying for anyone wishing to use the new version of the outlook. 

​Hello,  I have someone that has been having issues with their outlook account. Originally the issue persisted in the Classic Outlook. They would search for an old e-mail sent from a specific user, and they would be prompted by an error message saying “it looks like there’s a problem with your network connection – let’s check on your computer instead”. Which feels to me that it struggled to search the 365 exchange server first which prompted the error message – however, the email was able to be found as it is stored locally.  I re-installed outlook. I rebuilt the search index. I added a DWORD key in the registry ‘DisableServerAssistedSearch’ within ‘HKEY_CURRENT_USERSoftwareMicrosoftOffice16.0OutlookSearchDisableServerAssistedSearch’ and set value to 1.  This prevented the error message from cropping up whenever the email was searched for.  However, now when the same search is attempted on the new version of the outlook – it doesn’t do anything other then display an error message simply saying “Your request can’t be completed right now”.  Is there a fix for this? It’s quite annoying for anyone wishing to use the new version of the outlook.   Read More

​

Hello intune forum,

I recently setup apple business manager in our enviroment to work with Intune. I’ve created the enrollment profile, setup the VPP token, etc. But now, a few of our users, myself included is getting a pop-up on our phones stating : “this apple account cannot make purchases”. I made sure only the VPP apps are being pushed to the company phones and not the apps from the store. Anyone else have this issue? 

​Hello intune forum,I recently setup apple business manager in our enviroment to work with Intune. I’ve created the enrollment profile, setup the VPP token, etc. But now, a few of our users, myself included is getting a pop-up on our phones stating : “this apple account cannot make purchases”. I made sure only the VPP apps are being pushed to the company phones and not the apps from the store. Anyone else have this issue?   Read More

​

I have Plan 3 MS Project install on my machine and when I create new files in MS Project the mime type is always Application/vnd.ms-office why is the MS project mime type is not Application/vnd.ms-project

I have check the reg edit under ComputerHKEY_CLASSES_ROOTMIMEDatabaseContent Type

i can see Application/vnd.ms-project and the extension is mpp

​I have Plan 3 MS Project install on my machine and when I create new files in MS Project the mime type is always Application/vnd.ms-office why is the MS project mime type is not Application/vnd.ms-projectI have check the reg edit under ComputerHKEY_CLASSES_ROOTMIMEDatabaseContent Typei can see Application/vnd.ms-project and the extension is mpp  Read More

​

This project showcases the use of a Declarative Agent for Microsoft 365 Copilot, designed to create personalized experiences through specific instructions, actions, and knowledge. Specializing in ServiceNow, this declarative agent leverages the following capabilities and actions:

SharePoint Integration: Enables users to retrieve information from files, which can be useful for providing context to ServiceNow tickets and for creating new tickets.

Graph Connectors: Utilizes the Knowledge Base and Services Catalog connectors from ServiceNow to enhance functionality.

Plugins: Incorporates a ServiceNow Scripted REST API that allows users to list their incidents and create new ones.

Note: This sample code is intended for illustrative purposes only and should not be deployed in a production environment without thorough review. It demonstrates how to build a simple Declarative Copilot using Visual Studio Code and the Teams Toolkit. Please note, I do not have the rights or permission from ServiceNow and Adventure Time (Ice King logo).

Prompt Samples

1. ServiceNow Knowledge Graph Connector:

List the articles regarding Outlook 2010. Place the results in a table with the article title in one column and a brief summary in the other

ServiceNow Service Catalog Graph Connector

How do I request a new laptop?

SharePoint Capability

List the items from the snow spreadsheet and format as a table. Also, please add an integer column as the first column, listing the item numbers.

Plugin: List my incidents

List my incidents

Plugin: Create a new incidents

The following prompt uses the list of incidents returned from the previously executed snow spreadsheet file. I’m asking Copilot to create a new incident based on the sixth item in that list.

Create a new incident for the item 6

Build a basic declarative agent with API plugin

Declarative agents are customized versions of Microsoft 365 Copilot that help you to create personalized experiences by declaring specific instructions, actions, and knowledge.

With the declarative agent, you can build a custom version of Copilot that can be used for specific scenarios, such as for specialized knowledge, implementing specific processes, or simply to save time by reusing a set of AI prompts. For example, a grocery shopping Copilot declarative agent can be used to create a grocery list based on a meal plan that you send to Copilot.

You can extend declarative agents using plugins to retrieve data and execute tasks on external systems. A declarative agent can utilize multiple plugins at the same time.

Get started

Prerequisites

To run this app template in your local dev machine, you will need:

Node.js, supported versions: 16, 18
A Microsoft 365 account for development.
Teams Toolkit Visual Studio Code Extension version 5.0.0 and higher or Teams Toolkit CLI
Microsoft 365 Copilot license
ServiceNow Developer Instance

First, select the Teams Toolkit icon on the left in the VS Code toolbar.
In the Account section, sign in with your Microsoft 365 account if you haven’t already.
Create Teams app by clicking Provision in “Lifecycle” section.
Select Preview in Copilot (Edge) or Preview in Copilot (Chrome) from the launch configuration dropdown.
Select your declarative agent from the Copilot app.
Send a prompt.

What’s included in the project

Folder
Contents

.vscode
VSCode files for debugging

appPackage
Templates for the Teams application manifest, the plugin manifest and the API specification

env
Environment files

The following files can be customized and demonstrate an example implementation to get you started.

File
Contents

appPackage/declarativeCopilot.json
Define the behaviour and configurations of the declarative agent.

appPackage/manifest.json
Teams application manifest that defines metadata for your declarative agent.

appPackage/instructions.txt
Define how the agent should communicate. An agent might be concise, detailed, interactive, or suggestive. Also include any restrictions that should be applied.

appPackage/ai-plugin.json
It contains everything Copilot needs to know about the API that isn’t in the Swagger file. It breaks the API down into “functions” that share a common URL path and result set.

appPackage/apiSpecificationFile/openapi.json
It is the Swagger file for the API.

The following are Teams Toolkit specific project files. You can visit a complete guide on Github to understand how Teams Toolkit works.

File
Contents

teamsapp.yml
This is the main Teams Toolkit project file. The project file defines two primary things: Properties and configuration Stage definitions.

Addition information and references

Declarative agents for Microsoft 365
Extend Microsoft 365 Copilot
Message extensions for Microsoft 365 Copilot
Microsoft Graph Connectors for Microsoft 365 Copilot
Microsoft 365 Copilot extensibility samples

ServiceNow Plugin

This project consumes two ServiceNow Scripted REST APIs to integrate with ServiceNow’s platform, enabling seamless data exchange and automation of specific workflows.

ServiceNow Scripted REST APIs

Scripted REST APIs in ServiceNow allow developers to create custom web service APIs that can interact with ServiceNow data and services. These APIs can be configured to support various HTTP methods (GET, POST, PUT, DELETE) and can be used to perform operations like querying data, creating records, updating records, and deleting records.

Creating Scripted REST APIs

This section includes the code for the Scripted REST API designed to list the incidents associated with a user.

Navigate to System Web Services: Go to System Web Services > Scripted Web Services > Scripted REST APIs.
Create a New API: Click on New and provide a name and namespace for your API.
Define Resources: Create resources by specifying the HTTP method, relative path, and any path parameters.
Write Scripts: In the scripting window, write the necessary scripts to handle the request and response objects.
Test the API: Use the REST API Explorer to test your API and ensure it works as expected.

List my Incidents REST API

The API is built on ServiceNow’s platform, utilizing its robust scripting capabilities to fetch and return incident data.

This API supports the GET method and responds with a JSON object containing the relevant incident details.

(function process(/*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response) {

var username = request.pathParams.username;
//var username = request.queryParams.username;

// Get the ServiceNow instance name
var instanceName = gs.getProperty(‘instance_name’, ‘default_instance’);

// Replace ‘+’ with ‘ ‘ (space)
username = username.replace(/+/g, ‘ ‘);

// Query the Incident table for incidents associated with the email
var gr = new GlideRecord(‘incident’);
gr.addQuery(‘caller_id.name’, username);
gr.query();

// Prepare the result
var result = [];
while (gr.next()) {
result.push({
number: gr.getValue(‘number’),
short_description: gr.getValue(‘short_description’),
state: gr.getValue(‘state’)
});
}

// Check if incidents were found
if (result.length === 0) {
response.setStatus(404);
response.setBody({error: ‘No incidents found for the user name’});
} else {
// Set the result as the response body
response.setStatus(200);
response.setBody(result);
}

})(request, response);

Create a new incident

This section includes the code for the Scripted REST API designed to create new incidents on ServiceNow.

This API leverages ServiceNow’s capabilities to accept incident details through a POST request and create a corresponding incident record in the ServiceNow system. The request body should contain the necessary incident data, and upon successful creation, the API responds with the details of the newly created incident.

(function process(/*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response) {

// Parse the request body to get incident details
var requestBody = request.body.data;

// Check required fields in the request body
if (!requestBody || !requestBody.short_description || !requestBody.username) {
response.setStatus(400); // Bad Request
response.setBody({error: “Missing required fields: short_description or username”});
return;
}

// Lookup caller_id based on the username
var userGr = new GlideRecord(‘sys_user’);
userGr.addQuery(‘name’, requestBody.username);
userGr.query();

if (!userGr.next()) {
response.setStatus(404); // Not Found
response.setBody({error: “User not found with username: “ + requestBody.username});
return;
}

var callerId = userGr.sys_id;

// Create a new incident record in ServiceNow
var gr = new GlideRecord(‘incident’);
gr.initialize();
gr.short_description = requestBody.short_description;
gr.description = requestBody.description;
gr.caller_id = callerId; // Assign the found caller’s sys_id
gr.category = requestBody.category || ‘inquiry’; // Optional: Default category
gr.impact = requestBody.impact || 3; // Optional: Default to low impact
gr.urgency = requestBody.urgency || 3; // Optional: Default to low urgency

var incidentNumber;
try {
// Insert the incident record
var sysId = gr.insert();
incidentNumber = gr.number;

// Set success response
response.setStatus(201); // Created
response.setBody({
result: ‘Incident created successfully’,
sys_id: sysId,
number: incidentNumber
});
} catch (e) {
// Handle error during record insertion
gs.error(“Error creating incident: “ + e.message);
response.setStatus(500); // Internal Server Error
response.setBody({error: “Error creating incident: “ + e.message});
}

})(request, response);

There are two versions.

The official one, shared at Microsoft repo, uses a REST API developed by Cristiano to connect to ServiceNow:

copilot-pro-dev-samples/samples/da-SnowWizard at main · pnp/copilot-pro-dev-samples · GitHub

My version, uses the Scripted REST API from ServiceNow and uses two ServiceNow Graph Connectors:

GitHub – luishdemetrio/SnowKing

THIS CODE IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.

​Microsoft Tech Community – Latest Blogs –Read More 

Hi Everyone! 

I haven’t been able to figure out how to hide the presence indicator on records in a modern SharePoint list when users have them open. I need to be able to just… show the list in a super simple format without the presence indicator. See attached image for a sample of what I’m talking about – the gray box around that one record with the user’s initials needs to go. I haven’t been able to find a JSON property for it.

Any ideas? 

Thanks for your consideration!

​Hi Everyone! I haven’t been able to figure out how to hide the presence indicator on records in a modern SharePoint list when users have them open. I need to be able to just… show the list in a super simple format without the presence indicator. See attached image for a sample of what I’m talking about – the gray box around that one record with the user’s initials needs to go. I haven’t been able to find a JSON property for it.  Any ideas? Thanks for your consideration!  Read More

​